issues
search
dmose
/
mc-nodejs-docs
Draft policy for NodeJS in mozilla-central, will live in m-c/firefox-source-docs
0
stars
2
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
should we automatically look for out-of-date packages & files bugs & have some policy?
#22
dmose
opened
4 years ago
0
add link to node-sec-roadmap as a reference
#21
dmose
opened
4 years ago
1
draft process to trigger automatic upgrade of Node when old version is obsolete
#20
dmose
opened
4 years ago
0
document upgrading NodeJS
#19
dmose
opened
4 years ago
0
add policy wording around using oldest LTS version of Node
#18
dmose
opened
4 years ago
0
Adding a hard-stop req. for unlicensed modules.
#17
mhoye
closed
4 years ago
0
licensing runbook is not publically available outside of Mozilla
#16
froydnj
opened
4 years ago
1
Should we keep a top-level list of "allowed" packages
#15
dmose
opened
4 years ago
2
Be explicit that right now we're just talking about the top-level nod…
#14
dmose
closed
4 years ago
0
describe what parts of mozilla-central these policies will and won't apply to
#13
dmose
closed
4 years ago
0
How do we prevent broadly used packages from bit-rotting?
#12
dmose
opened
4 years ago
3
do we need to call out sandboxing in these policy docs?
#11
dmose
opened
4 years ago
2
handling updating old, stale-API packages with sec issues
#10
dmose
opened
4 years ago
1
what about undefined --ignore-scripts behavior?
#9
dmose
opened
4 years ago
1
propose specific actions around vulnerabilities in policy
#8
dmose
opened
4 years ago
3
Add goals section
#7
dmose
closed
4 years ago
0
Missing goals
#6
joewalker
closed
4 years ago
2
Add 'to ensure that' to clarify statement
#5
tomrittervg
closed
4 years ago
0
Reduce save options
#4
Mossop
closed
4 years ago
3
Policy selection move
#3
dmose
closed
4 years ago
0
Merge in threat models
#2
Mossop
closed
4 years ago
0
Propose explicit `vendor` and `lint` relationship
#1
dmose
closed
4 years ago
0